Much of your data can just be subpoenaed and then provided to law enforcement without physical access however. Apple complies 90% of the time.

https://www.theguardian.com/technology/2022/sep/23/apple-user-data-law-enforcement-falling-short

Also, there are ways that LE can bypass your iphone’s encryption. Just doesn’t work all the time.

https://www.vice.com/en/article/4ag5yj/unlock-apple-iphone-database-for-police

GrapheneOS, based on AOSP, is really the only truly private and secure option. Android offering interoperability is not a downside and Apple having a walled garden does not mean it provides increased security. Apple is decidedly not transparent and this is ultimately not a good thing.

I’ve been using GrapheneOS for about 5 years.

Google pay won’t work, but everything else should. I’ve never experienced any of the issues the other commenter had, and I’ve installed Graphene on 4 devices (not dismissing you BTW, just saying I think your experience is quite uncommon).

I don’t think third-party launchers are a good idea (you’re giving full device permission to an unneeded app) but it should work.

Almost every app I wanted to use worked with Graphene before they introduced their sandboxed google services, and now everything I’ve tested works with Google push notifications. The only exception is Google pay, and there are upstream reasons for that. Keep in mind, on a very rare occasion the hardened memory allocator breaks compatibility (again this is very rare), but there is an app-specific setting toggle to turn this off so it’s kind of a non-issue.

deleted by creator

Removed by mod

This is insanely moralistic and just a bad idea, but also… of all the things going on, how can this possibly be a priority?

Nevermind the infringement on human rights and the conservatives’ historical tendency to cater to corporate interests. Affordable housing wasn’t a priority under Harper either.

deleted by creator

I don’t understand the format of this. Why put a dictator/murderer/war criminal and shitty capitalist/conservative talking head having this detailed and interesting conversation. These two in no way deserve any of the positive association this meme implies.

If you’re using a stock android device, the OS on your phone still has permissions to read and write to storage, by necessity. If what you’re concerned about is privacy, you have very limited ability to set storage scopes if you don’t trust the OS, and this doesn’t really change if you install an app.

If you’re using fossify file manager or any other file manager, you’ve given that app+the default Files app access to your storage. This is not more private. Most of those similar apps are essentially just skins on top of the default manager (which I suppose could be useful). This only really adds attack surface and doesn’t have any meaningful privacy benefits, and potentially some detractors depending on the app you use.

If you don’t trust the operating system and its utilities, the best option is to find an operating system you trust, and not to just install new skins on top of existing apps.

I once tried to do a relatively basic repair on a phone, and ended up really breaking it. Like the touch screen won’t work because I broke some shit on the motherboard that now requires micro soldering broke it.

So I send it to a repair company that allegedly does some micro soldering, and they call me to tell me they can’t repair it because their diagnostic utility doesn’t work unless it’s the stock OS (I’ve been a GrapheneOS user for many years). What they do is… wipe my data and then tell me it’s not the screen so they can’t repair it.

Then I sent it to an actually good repair shop and they fixed it very quickly, easily understanding the problem. Good repair companies aren’t easy to find but damn are they worth it. They’re almost always smaller shops and they do not GAF what you do with your phone’s software.

Kind of an aside, but there are a lot people who think they don’t like tomatoes because of what is generally commercially available and sold as “fresh” tomato.

It’s actually wild how different vine-ripened tomatoes are in taste and texture, compared to their commercially produced counterparts.

The flavour and texture of fresh tomatoes tends to develop more fully than if picked half-ripe and ripened during transport or storage. Also, the soil tomatoes are or aren’t grown in has a pretty significant influence on its flavour. Refrigeration also has a pretty significant effect on taste as well. It’s suggested that you don’t chill them, as this reportedly changes the flavour considerably.

There are actually a few recent studies that assess the flavour qualities of different tomatoes by region, variety and method of growing. Commercially produced tomatoes have largely been selected for shelf life and yield, without much consideration given to taste or texture (and it shows).

Not tiktok music?

Can I ask why?

LineageOS supports a custom avb (android verified boot) key and a locked boot loader on a very limited number of devices, and surely not a galaxy s4. Which is to say if malware was installed on your device it could be persistent through boot/reboot cycles. There will be no verifying OS integrity. Also on a device that’s been unsupported for that many years, the firmware and software that you’ll have access to is dramatically less secure. And this just can’t improved by also not having a locked bootloader.

Lineage can only do so much to support devices after they’ve reached EOL, which while I agree sucks, it’s a problem that’s at the hardware level (Qualcomm and Samsung make it impossible to continue meaningful support).

I understand if you’re trying to keep a device alive that you already have, but buying a phone for this purpose is probably not a good call. Or do you live in an area with limited access to newer tech?

If you can at all, the cheapest and best move would be to buy something like a Pixel 6a or 7a (or even a 5a) and run GrapheneOS.

I set up 2FA via a hardware security key (a yubikey) for login, sudo etc. I then tried to switch security keys, removing the old pam files and adding a new one. But I didn’t tidy the pam files up before logging in, and there was effectively no way to log in, since editing the pam files required sudo access to edit in the first place. So basically the whole system required access to a pluggable authentication module that it no longer had any ability to recognize. It was honestly pretty funny. I did manage to recover my data by booting from a live system and decrypting my drive from there.

I’ve also accidentally removed my desktop environment twice while trying to update Python versions and then cleaning up old packages, but that’s kinda not that big deal and is just a facepalm moment.